Job Description

We are seeking an IT Compliance Analyst to join our cybersecurity team to protect McDonald’s and its shareholders. In this role, you will collaborate closely with IT controls and cybersecurity experts, market leads throughout the world, internal and external audit, and Global Information Technology teams to drive the development, deployment, and improvement of our global IT SOX and general controls. In addition, this role will be responsible for regulatory compliance (e.g., Sarbanes Oxley), third-party risk as it relates to regulatory compliance and governance.  The position will also work closely with Global Finance teams to improve the overall controls environment. 

Global Technology Risk Management (GTRM) is ultimately responsible for the securing of McDonald’s information assets at a global level. This role will work inside the McDonalds information security organization that is responsible for our cybersecurity governance & compliance program and critical services, ensuring our leadership makes informed risk-based decisions. This individual will also be responsible for global information governance efforts, including but not limited to IT SOX.

The Analyst – IT SOX and General Controls works in a team of global professionals and partners for the day-to-day tactical functioning of the processes and people dedicated to the organization. This position will work closely with the control owners worldwide and other partners to always ensure that the daily activities upon which McDonald’s depends to reduce risk to the environment are functioning as designed and providing the desired benefit. With all the new projects and initiatives, it is an exciting time to be on the cybersecurity team, helping to make a safer and better McDonald's!

RESPONSIBILITIES

• Assist control owners on the development of their controls and guiding them on improving the efficiency and effectiveness of their controls
• Analyze complex compliance and risk issues, determine their root cause, determine impact on the business, and identify the corrective action needed to eliminate and prevent the events in the future
• Develop strong and efficient IT controls to support the latest technologies
• Facilitate access reviews and provide feedback on completed reviews
• Analyze data to ensure and improve control effectiveness
• Work with cross-functional teams to identify and implement cost and risk-reducing opportunities for IT Governance and Compliance
• Provide feedback to control owners on newly developed controls
• Work with external, internal audit, Global Technology, and Finance to improve the control environment
• Perform functions promptly and with an acute level of attention to detail, urgency, and thoroughness
• Provide feedback on our policies and standards with the definition of KPI’s associated with compliance
• Maintain appropriate policies, SOPs, training, and guidelines for managing all information required for the program
• Work closely with the markets, information management program vendors, and consultants to improve programs
• Analyze and document 3rd party SOC reports to ensure that any SOX risk from these reports is appropriately addressed
• Support departmental activities

Qualifications

MINIMUM REQUIREMENTS

• Bachelor’s degree in Engineering, Computer Science, Information Security, Accounting, or other related fields
• 2+ years of professional experience in internal or external auditing, accounting, or compliance

DESIRED SKILLS:

• Experienced in key compliance areas and IT frameworks such as IT Audit, Sarbanes-Oxley, COBIT, SOC reports, HIPAA, ISO27001, COBIT, and privacy frameworks such as GDPR, and CCPA
• Familiarity with complex multinational companies and distributed business models
• Basic knowledge of accounting and finance
• Basic knowledge of IT technologies
• Experience with Microsoft Office tools
• Flexibility to occasionally work beyond normal business hours to support a worldwide organization
• Experience with global regulatory compliance
• Ability to interpret and understand business needs and convey such issues to information technology teams
• Proficient in technical writing and demonstrating various creative mechanisms to communicate to diverse audiences
• Strong ability to assess urgency and prioritization and make good decisions based upon situation circumstances
• Professional certifications such as CISA, CIA, and PMP a plus

_MUST BE FULLY VACCINATED (I.E., AT LEAST 2 WEEKS AFTER LAST DOSE) FOR COVID-19 AND, IF HIRED, PRESENT PROOF OF VACCINATION BY START DATE. _

Additional Information

McDonald’s is committed to providing qualified individuals with reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact recruiting.supportteam@us.mcd.com

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.